sábado, 31 de março de 2018

SW Development: Agile enters aviation?

https://www.flightglobal.com/news/articles/us-auditor-gives-backstory-of-software-reform-on-f-447143/

Quoting:
"Instead of releasing large quantities of new software-cabled capacities in multi-year blocks, the F-22 programme carved up the development work into smaller slices of capabilities that could be delivered every 12-14 weeks, the audit says.

As each new software update is coded, developers perform integrated testing to tackle bugs in more manageable chunks. Rather than waiting until the end of a multi-year block development to begin integrated testing.

The F-22 programme called the new method the Scaled Agile Framework (SAFe), according to the IG. The approach was once limited limited to the F-22 programme, but the idea began to spread last year.

In September, Vice Adm Mat Winter, the F-35’s programme executive officer, said agile-based software development would be applied to future upgrades of the F-35 and the F-22. He did not mention that the F-35 was following the lead of the F-22, which the IG report reveals had started using the incremental method four years earlier."

terça-feira, 27 de março de 2018

SW Testing: 64 Essential Test Metrics For Measuring Software Quality, Testing & More

Should you measure things while testing? Sure. In order to be able to manage the phase (and the resources available to execute it) it is mandatory... What should you measure? Here is an interesting article on the topic:
Quoting:

"Software testing metrics are a way to measure and monitor your test activities. More importantly, they give insights into your team’s test progress, productivity, and the quality of the system under test. When we ask ourselves “What have we tested?”, metrics will give us better answers than just “we have tested it.” Different teams measure various aspects depending on what they want to track and control or improve.

A metric usually conveys a result or a prediction based on the combination of data.

Result Metrics:  metrics that are mostly an absolute measure of an activity/process completed.

Example: Time taken to run a set of test cases in a suite

Predictive Metrics:  metrics that are derivatives and act as early warning signs of an unfavorable result.

Example: Defects created vs. Resolved chart shows the rate of defect fixing.  This grabs the team’s attention if this rate is slower than the rate desired.

Are you using the right software test metrics? Get answers, best practices and strategies in our 14-page guide to improving your software quality through data and analytics.

Why Test Metrics? Why Should You Care?

The aim of collecting test metrics is to use the data for improving the test process, rather than to just show fancy reports. This includes finding tangible answers to the questions:
  • How long will it take to test?
  • How much money will it take to test?
  • How bad are the bugs?
  • How many bugs found were fixed? reopened? closed? deferred?
  • How many bugs did the test team did not find?
  • How much of the software was tested?
  • Will testing be done on time? Can the software be shipped on time?
  • How good were the tests? Are we using low-value test cases?
  • What is the cost of testing?
  • Was the test effort adequate? Could we have fit more testing in this release?
Good answers to these questions need measurement. This post includes 64 of the absolute, derivative, result, and predictive metrics that testers and QA managers use the most often.

The Fundamental Metrics 

As a tester, your road to metric creation has to start somewhere.  Fundamental QA metrics are a combination of absolute numbers that can then be used to produce derivative metrics.

Absolute Numbers:
  • Total number of test cases
  • Number of test cases passed
  • Number of test cases failed
  • Number of test cases blocked
  • Number of defects found
  • Number of defects accepted
  • Number of defects rejected
  • Number of defects deferred
  • Number of critical defects
  • Number of planned test hours
  • Number of actual test hours
  • Number of bugs found after shipping"
For the derivative and other type of metrics, follow the link above.

Career and team evaluation?

interesting like Glassdoor, but more recruitment-oriented: 
Quoting:
"“Since developers are data-driven people, aggregated values are presented in a structured way, using graphs and charts, and provide insight into a team’s values very quickly. Different developers prioritise different things. For example, some might emphasise working with high-quality equipment while others might care the most about team collaboration. That is where Tabspace comes in; you can quickly find out which teams share your professional and personal values and then you can go ahead and interview for those. As for the teams, Tabspace helps them to attract developers that share their team’s values and are a good fit for the team.
“Our goal is to help both sides; developers will be happier having found the teams that share their values, while teams will be more productive having developers that are happier at their workplace.”"

segunda-feira, 26 de março de 2018

SW Construction: Which programming languages you should learn now...

... in order to improve your chances/value in the market. An interesting list of languages to learn additionally if you're from the Java, C/C++, Ruby, etc. world and/or if you're a newbie:
And the top 50 (in the not much scientific TIOBE index):
PS: Cross-check with a previously provided list here around:




SW Construction: Rust, the new safe, performant language (from Mozilla)?


Quoting:
"Rust is meant to be fast, safe, and reasonably easy to program in. It’s also intended to be used widely, and not simply end up as a curiosity or an also-ran in the language sweepstakes. Good reasons abound for creating a language where safety sits on equal footing with speed and development power. After all, there’s a tremendous amount of software—some of it driving critical infrastructure—built with languages where safety wasn’t the first concern."
(...)
"The Rust team is conscious of many of these issues, and it has plans on the 2017 Rust roadmap to improve them. For example, to make Rust easier to work with C and C++, the Rust team is investigating whether to expand projects like bindgen, which automatically generates Rust bindings to C code."

SW Construction: Building taking into account perfomance?

Maybe so. Because of hardware security flaws and its workarounds:
http://www.idgconnect.com/blog-abstract/29406/why-spectre-demands-elegantly-coded-software

Citando:
"Why Spectre demands more elegantly coded software

Write it well, write it efficiently, write it as though the underlying hardware isn’t going to get any faster. Because it isn’t"

(...)

"There are some Spectre-immune systems, but they tend to be slow or old or both. The Raspberry Pi is one and I’m writing this article on another, a pre-2013 Intel Atom box. It doesn’t do out-of-order (OoO) execution, but therefore it doesn’t do anything particularly quickly. This is now the choice facing everyone who cares about security: fast and flawed or slow and safe (or at least safer).

Until that changes, until a new generation of chips somehow circumvents the flaws and gives us full-speed computing without speculative execution vulnerabilities, software developers must step up and make a difference. Yes, efficient coding is suddenly back in fashion, because developers can no longer assume that tomorrow’s hardware will be faster than today’s. But what does this mean in development terms?"

quarta-feira, 14 de março de 2018

FUN Dept.: Quality Sayings and Quality Quotes

Not properly the typical Fun Dept. but a whole bunch of interesting quotes related to QUALITY can be found here:


... and that does not include the famous quote by the quality guru W. Edwards Deming:
"It is not enough to do your best; you must know what to do, and then do your best." 

In SW engineering, this is where processes enter. QMS Processes do tell you what to do. Then you need to know how to do (and the tools). And then you need attitude and do your best. And only then you are ready to not waste your efforts out of the window.

Source: http://quotes.deming.org/authors/W._Edwards_Deming/quote/10084

terça-feira, 13 de março de 2018

Metrics: Three metrics for measuring engineering speed (company / team velocity)

Three metrics for measuring engineering speed - SD Times

Quoting:
"Companies want to deliver high quality software fast, but how fast is fast enough? A recently released report by CircleCI found three important development metrics to predict an organization’s velocity and maturity.
The metrics are:

  • mainline branch stability, 
  • deploy time and 
  • deploy frequency.


“Most teams have no idea what speed actually means,” said Jim Rose, CEO of CircleCI. “They are deploying and they are doing it at a rate that feels good to them, but they don’t necessarily know where that stacks up compared to the rest of the market.”

The study looked at a sample of organizations built on the CircleCI’s cloud platform from June 1 to July 31, 2017."

segunda-feira, 12 de março de 2018

SW Development: Visual Studio vs. Rider (IDE, TOOLS)

An article by the great and not late Mr. Peres (which you might have heard about before):
https://stackify.com/visual-studio-rider/
Citando:
"In the beginning there was Visual Studio. For many years, it was essentially the only tool that offered a comprehensive IDE with useful functionality that could be used for enterprise-level .NET development. Other tools existed, of course, but they were generally no match for Visual Studio.
In recent years, this landscape has somewhat changed: we now have Visual Studio CodeMonoDevelopSharpDevelop and, more recently, JetBrains Rider. Not all of these are free or open source, and, in general, this shows up in the quality of the tool or the features it offers. This is not to say that open source does not offer high quality stuff – I have been an advocate of NHibernate for years – but only that companies that can spend money in having full time developers working on something usually benefit from that."

quarta-feira, 7 de março de 2018

AI: Machine Learning course (Google)

https://developers.googleblog.com/2018/03/machine-learning-crash-course.html

Citando:
"Today, we're happy to share our Machine Learning Crash Course (MLCC) with the world. MLCC is one of the most popular courses created for Google engineers. Our engineering education team has delivered this course to more than 18,000 Googlers, and now you can take it too! The course develops intuition around fundamental machine learning concepts.

What does the course cover?

MLCC covers many machine learning fundamentals, starting with loss and gradient descent, then building through classification models and neural nets. The programming exercises introduce TensorFlow. You'll watch brief videos from Google machine learning experts, read short text lessons, and play with educational gadgets devised by instructional designers and engineers.

How much does it cost?

MLCC is free."


PS: Kudos to C.Manta for pointing this out.

SECURITY: The visible face of your projects could be the wrong one

Customer are always important but some customers and its projects will need additional care. Sometimes the visible face of your work gets into the news and this is good. Unless the news are bad, or even worse, are incorrect.

Only then you'll probably be aware that sometimes it is just not a matter of being the best in business and let your technical (and management) competency excel.
It's a matter of surviving what it is being said about your work, the way you got your contract, the way you delivered your work, the way you could get the blame for issues that are not part of the scope of your work and so on. It's then that you'll have to have your executive management support (to shield you from the outer world interferences and to manage communication with that outer world).

The oddest experience I've ever had was having to work with a point of contact that was to help us execute a specific project and from minute one his intentions were to undermine the project's success. I had 20+ years of experience in the software industry, and in my innocence, I was thinking I had nothing more to learn. I was so wrong,

What if the visible face of your project start to be in the news? The news could be correct and/or incorrect; presenting sensitive data and/or confidential data (that no one knows who's disclosing). Your competition could be interested in it. Internal stakeholders could be interested in it (feeling "invaded"). Reporters could be getting it all wrong. It can get messy...

Some examples (in PT, sorry guys):
Maybe some more can be told on this topics later on. Lessons learned are for sure more useful if properly shared. And you bet that we've managed to deliver successfully that particular [migration] project.

Revisions: 2018-03 - updated links. 2018-04 - added the "drop money out of the window" link.
PS: Additional info or how to not execute a "data migration" project:



domingo, 4 de março de 2018

SW Development: Single source of truth?

Recommendations on building the SSoT (alongside with DevOps and Agile approaches) for businesses like Financial Services (FS):
https://www.finextra.com/blogposting/15068/how-and-why-software-development-must-be-included-in-fs-compliance-risk-and-security-processes
Quoting:
"The problem is that traditionally, the way software development teams have worked has typically been siloed from the rest of the business.  So, the transparency that banks and other financial institutions need is not inherent in software development.
Plus, visibility and traceability of digital assets is being made more difficult because of the escalating complexity of applications and systems, multiple operating platforms and end points, plus a wider variety of file types -  often larger whether individually or in total volume – and incorporation of emerging technologies.     
This makes it difficult to comply with regulatory demands, because the audit trail – for example, when a piece of code was created or changed, by whom, when, where and how – is difficult to unearth, if challenged.  This is exacerbated by the fact that many financial products have to be maintained for years, if not decades, because of legacy customers.  Plus, should a problem become apparent later, a bank might have to devote extensive time and resource to find the source.  Finally, there is the risk that vulnerabilities can creep into the software development process, leading to breaches that are not detected until it is too late. 
Clearly, the scale of the potential risk and associated costs is too high to ignore and we are seeing more and more FS firms face this challenge head-on, adopting what has been coined ‘a single source of truth’.  Breaking down those traditional software development siloes, the idea of a ‘single source of truth’ is one place for all the digital assets involved in a project or product’s development and on-going lifecycle, from idea, design and development, through to test, deployment, release and maintenance.  The ‘single source of truth’ must be extremely collaborative and transparent, with item-level tracking and visibility of what changed, by who, why and when, across every single digital asset and contributor, technology, internally and externally. "

Recommendations on how FS (and other institutions) could build the SSoT in the link provided above. 

quinta-feira, 1 de março de 2018

TOOL: Statistical Analyis - Oracle Crystal Ball (Monte Carlo simulation)

Not free, but one very widely used tool for analyzing and improving Process Performance Models (PPM) using Monte Carlo simulations:



Quoting:

"Oracle Crystal Ball is the leading spreadsheet-based application suite for predictive modeling, forecasting, simulation, and optimization. It gives you unparalleled insight into the critical factors affecting risk. With Crystal Ball, you can make the right tactical decisions to reach your objectives and gain a competitive edge under even the most uncertain market conditions.

Using Monte Carlo simulation, Oracle Crystal Ball automatically calculates and records the results of thousands of different "what if" cases. Analysis of these scenarios reveals to you the range of possible outcomes, their probability of occurring, the inputs that most impact your model, and where you should focus your efforts. Oracle Crystal Ball is for strategic planners, financial analysts, engineers, scientists, entrepreneurs, CPAs, marketing managers, venture capitalists, consultants, six sigma professionals, and anyone else who uses spreadsheets to forecast uncertain results."